d33001b8fbdda1653da2eadd428e5c9c983f1514b56c7ba60dd15e3aa9d68d9d | Triage

Sharing

General

Target

0cd6d30458b6fde3248a8786fba75ee1.exe
Size

23.0MB
Sample

230801-tmx2nahd52
MD5

0cd6d30458b6fde3248a8786fba75ee1
SHA1

2837205f4a726222f4942d88560ad6c559abccd4
SHA256

d33001b8fbdda1653da2eadd428e5c9c983f1514b56c7ba60dd15e3aa9d68d9d
SHA512

795b2461754570637b9c09ccc3457fa5f695a569e2a122bfa14032e0ae6ce8bdda4f9807ae048d59c24689b943efc550aaeefcbfc1bf80735365bacf2aaeebd5
SSDEEP

24576:uh3kKn3YCR6D8fjuOrBSZT2icBW0pUThJMv7s:a3kAIs7qOrBSZ6v40

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  0cd6d30458b6fde3248a8786fba75ee1.exe
- Size
  
  23.0MB
- MD5
  
  0cd6d30458b6fde3248a8786fba75ee1
- SHA1
  
  2837205f4a726222f4942d88560ad6c559abccd4
- SHA256
  
  d33001b8fbdda1653da2eadd428e5c9c983f1514b56c7ba60dd15e3aa9d68d9d
- SHA512
  
  795b2461754570637b9c09ccc3457fa5f695a569e2a122bfa14032e0ae6ce8bdda4f9807ae048d59c24689b943efc550aaeefcbfc1bf80735365bacf2aaeebd5
- SSDEEP
  
  24576:uh3kKn3YCR6D8fjuOrBSZT2icBW0pUThJMv7s:a3kAIs7qOrBSZ6v40
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2